Monitor & control every single action on your servers

What it is

Comarch SecureAccess is a solution for supervising privileged users' activity on servers.
It assists in monitoring both internal and remote access to server resources through the secure shell (SSH)
and Remote Desktop Protocol (RDP).

Before gaining access to the destination server, the user must undergo
a strong authentication procedure, and any unauthorized access attempts are immediately reported.
This makes it possible to supervise and protect user-server communication, as well as configure and manage session timeouts in convenient and secure way.

What are the benefits

Compliance

The right tool to provide the company’s compliance with the highest industry standards and best practices for security such as: ISO 2700x, PCI-DSS, SOX.

Increased security

A “gatekeeper“ that stores all passwords and keys to servers. It discourages potential malicious activities by informing users that everything they do is recorded.

Access control and simplification

The only tool which enables managing privileged access to servers while separating administrators’ accounts along with their root passwords.

Clients' trust

The tool that controls all activities on the servers, guarantees data security and integrity.

How it works

SecureAccess is a proxy for remote server administration. A privileged user who wants to connect to a server,
establishes a connection and logs into SecureAccess. Then, SecureAccess connects with the remote server.
There is no direct, unsupervised connection between the user and the server since the program records all mouse
clicks and keystrokes and sends alert notifications whenever specific events occur. To simplify the workflow, the user
logs only into SecureAccess and does not need any other passwords or keys to the servers.

It is an independent proxy appliance.
SecureAccess operators (supervisors) are no exception – their activity in the SecureAccess console is also monitored and recorded. SecureAccess deployment does not require any modifications
or software installation on workstations and servers.

Features

Session monitoring and logging

Session monitoring and logging

Session accountability

Recording all keystrokes and mouse clicks

RDP slideshows

text-searchable session recordings

monitoring and recording of SecureAccess's operators’ activities

notifications and alerts

SSH and RDP protocols

Separations of duties

Separation of duties

Every operator is assigned to one of the strictly defined roles:

Global Administrator – a superuser who has all the privileges

Operator – manages the users and permissions in a dedicated area

Pass operator – has access to servers' credentials

Auditor – can watch recordings and logs

Server areas

Server areas

SecureAccess has a capability to create separate virtual areas that contain:

Servers

Operators

Privileged users

Which helps to follow the structure of a large company and makes management easier.

Password managment

Password management

limited access to server credentials

password manager role

Alerts

Alerts

SecureAccess can send e-mail alerts triggered by:

overlimits

new session

initialisation of a subsession

modifications/changes of SecureAccess settings

Every session can be terminated by an operator if there is any suspicious activity.

Access schedule

Access schedule

Every privileged user can be assigned to a certain policy that defines: